Forced SSO Session Fixation

Plug Security Holes in React Apps That Can Lead to API Exploitation

Teleport Security Whitepaper - Practical Analysis of and Hardening Against Compromised IdP Scenarios

POST to XSS: Leveraging Pseudo Protocols to Gain JavaScript Evaluation in SSO Flows

Angular-ing for AuthZ, Problematic anti-patterns in Single Sign On Systems

Continuing the Citrix Saga: CVE-2023-5914 & CVE-2023-6184

Hacking Microsoft and Wix with Keyboard Shortcuts

SAMLjacking a poisoned tenant

SSO Gadgets II: Unauthenticated Client-Side Template Injection to Account Takeover using SSO Gadget Chain

Bypassing Okta SSO => HTTPS/HTTP

TOPdesk vulnerable to XML Signature Wrapping Attacks

Post Account Takeover? Account Takeover of Internal Tesla Accounts

Bypassing SSO Authentication from the Login Without Password Feature Lead to Account Takeover

Hacking our way into internal DBs with hardcoded authentication keys

SSO Gadgets: Escalate (Self-)XSS to ATO

Azure Active Directory Flaw Allowed SAML Persistence

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

Cengage LTI Session Management Leakage

Unprotected API endpoint at HAwebsso.nl leads to data leak of +15k medical doctor usernames & password hashes

Google SSO misconfiguration leading to Account Takeover

Exploits Explained: 5 Unusual Authentication Bypass Techniques

Bug Bounty Adventures: A NodeBB 0-day

How I was able to take over accounts in websites deal with Github as an SSO provider

Oculus SSO "Account Linking" bug leads to account takeover on third party websites and inside VR Games/Apps

Duo Finds SAML Vulnerabilities Affecting Multiple Implementations